Network devices like routers, servers, switches, and firewalls are designed to process transient traffic that they receive by following rules defined in their configuration. When these devices are within the same Administrative Domain (AD) (i.e., a collection networks, computers, and databases under a common administration), the administrator can apply similar policies throughout the network. However, when one of these devices sits outside of the AD, the network device has little, if any, control on what traffic it receives. Accordingly, downstream network devices that receive traffic from a device outside the AD are without the ability to dictate traffic parameters regarding the traffic they receive. This is disadvantageous. For instance, during a denial of service (DoS) attack, an upstream network device that is outside of the AD will continue to send data even though the downstream network device has become overwhelmed by the attack, potentially resulting in loss of service or capacity for customer/client devices connected to the downstream network device.